Description
The organization manages the information system using a system development life cycle methodology that includes information security considerations.\n
Supplemental Guidance
NIST Special Publication 800-64 provides guidance on security considerations in the system development life cycle.\n
Changes from Rev 4
Control text adds privacy Discussion is expanded to include benefits of effective integration of security and privacy requirements into enterprise architecture
Enhancements
(0) None.\n
Compliance Mappings
ISO 27002:2022
5.88.258.32
COBIT 2019
BAI01.01BAI01.02BAI01.03BAI01.04BAI01.05BAI01.06BAI01.07BAI01.08BAI01.09BAI09.03BAI09.04
CIS Controls v8
15.7
NIST CSF 2.0
GV.SC-09ID.AM-08PR.PS-02PR.PS-03
SOC 2 TSC
CC5.2CC8.1CC8.1-POF1
ISO 17799 (legacy)
None.
COBIT 4.1 (legacy)
PO8.3AI2.7